[
https://issues.apache.org/jira/browse/IGNITE-11288?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pavel Voronkin updated IGNITE-11288:
------------------------------------
Description:
According to java8 SSLSocketImpl:
if (var1.isAlert((byte)0) && this.getSoLinger() >= 0) {
boolean var3 = Thread.interrupted();
try {
if (this.writeLock.tryLock((long)this.getSoLinger(), TimeUnit.SECONDS)) {
try
{ this.writeRecordInternal(var1, var2); } finally \{ this.writeLock.unlock(); }
} else {
SSLException var4 = new SSLException("SO_LINGER timeout, close_notify message
cannot be sent.");
if (this.isLayered() && !this.autoClose) \{ this.fatal((byte)-1,
(Throwable)var4); } else if (debug != null && Debug.isOn("ssl")) \{
System.out.println(Thread.currentThread().getName() + ", received Exception: "
+ var4); }
this.sess.invalidate();
}
} catch (InterruptedException var14) \{ var3 = true; }
if (var3) \{ Thread.currentThread().interrupt(); }
} else {
this.writeLock.lock();
try \{ this.writeRecordInternal(var1, var2); }
finally
{ this.writeLock.unlock(); }
}
In case of soLinger is not set we fallback to this.writeLock.lock(); which wait
forever.
U.closeQuiet(socket) if SSL is on will hang if soLinger() is negative.
We need to make it configurable for TcpCommSpi and TcpDisco. I suggest default
value 0.
was:
According to java8 SSLSocketImpl:
if (var1.isAlert((byte)0) && this.getSoLinger() >= 0) {
boolean var3 = Thread.interrupted();
try {
if (this.writeLock.tryLock((long)this.getSoLinger(), TimeUnit.SECONDS)) {
try {
this.writeRecordInternal(var1, var2);
} finally {
this.writeLock.unlock();
}
} else {
SSLException var4 = new SSLException("SO_LINGER timeout, close_notify message
cannot be sent.");
if (this.isLayered() && !this.autoClose) {
this.fatal((byte)-1, (Throwable)var4);
} else if (debug != null && Debug.isOn("ssl")) {
System.out.println(Thread.currentThread().getName() + ", received Exception: "
+ var4);
}
this.sess.invalidate();
}
} catch (InterruptedException var14) {
var3 = true;
}
if (var3) {
Thread.currentThread().interrupt();
}
} else {
this.writeLock.lock();
try {
this.writeRecordInternal(var1, var2);
} finally {
this.writeLock.unlock();
}
}
In case of soLinger is not set we fallback to this.writeLock.lock(); which
might fail forever.
> Missing SO_LINGER in TcpDiscovery and TcpCommunicationSpi causing
> SSLSocket.close() deadlock.
> ---------------------------------------------------------------------------------------------
>
> Key: IGNITE-11288
> URL: https://issues.apache.org/jira/browse/IGNITE-11288
> Project: Ignite
> Issue Type: Bug
> Reporter: Pavel Voronkin
> Priority: Critical
>
> According to java8 SSLSocketImpl:
> if (var1.isAlert((byte)0) && this.getSoLinger() >= 0) {
> boolean var3 = Thread.interrupted();
> try {
> if (this.writeLock.tryLock((long)this.getSoLinger(), TimeUnit.SECONDS)) {
> try
> { this.writeRecordInternal(var1, var2); } finally \{ this.writeLock.unlock();
> }
> } else {
> SSLException var4 = new SSLException("SO_LINGER timeout, close_notify
> message cannot be sent.");
> if (this.isLayered() && !this.autoClose) \{ this.fatal((byte)-1,
> (Throwable)var4); } else if (debug != null && Debug.isOn("ssl")) \{
> System.out.println(Thread.currentThread().getName() + ", received Exception:
> " + var4); }
>
> this.sess.invalidate();
> }
> } catch (InterruptedException var14) \{ var3 = true; }
>
> if (var3) \{ Thread.currentThread().interrupt(); }
> } else {
> this.writeLock.lock();
>
> try \{ this.writeRecordInternal(var1, var2); }
> finally
> { this.writeLock.unlock(); }
> }
>
> In case of soLinger is not set we fallback to this.writeLock.lock(); which
> wait forever.
> U.closeQuiet(socket) if SSL is on will hang if soLinger() is negative.
> We need to make it configurable for TcpCommSpi and TcpDisco. I suggest
> default value 0.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
